Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2D793A8D21011EE8E6E3616C4F9AE02.roa
File: D2D793A8D21011EE8E6E3616C4F9AE02.roa (raw, json)
Hash identifier: coFN3f90Nqhb81G3B+ZzckakIGli5AhdXzHwqJ/NUT0=
Subject key identifier: 39:B3:64:0E:14:F5:13:19:C4:FA:F2:FF:67:6E:24:51:90:A9:9E:D5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8372
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2D793A8D21011EE8E6E3616C4F9AE02.roa
Signing time: Fri 23 Feb 2024 06:00:19 +0000
ROA not before: Fri 23 Feb 2024 06:00:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17754
IP address blocks: 103.48.71.0/24 maxlen: 24
103.55.213.0/24 maxlen: 24
103.105.102.0/24 maxlen: 24
103.187.78.0/24 maxlen: 24
113.11.224.0/22 maxlen: 24
113.11.228.0/22 maxlen: 24
175.101.0.0/16 maxlen: 24
202.133.48.0/20 maxlen: 24
202.153.32.0/20 maxlen: 24
2401:fb00::/33 maxlen: 33
2401:fb00::/40 maxlen: 48
2401:fb00:100::/40 maxlen: 48
2401:fb00:200::/40 maxlen: 48
2401:fb00:300::/40 maxlen: 48
2401:fb00:400::/40 maxlen: 48
2401:fb00:500::/40 maxlen: 48
2401:fb00:600::/40 maxlen: 48
2401:fb00:700::/40 maxlen: 48
2401:fb00:800::/40 maxlen: 48
2401:fb00:900::/40 maxlen: 48
2401:fb00:7600::/40 maxlen: 48
2401:fb00:7700::/40 maxlen: 48
2401:fb00:7800::/40 maxlen: 48
2401:fb00:7900::/40 maxlen: 48
2401:fb00:7a00::/40 maxlen: 48
2401:fb00:7b00::/40 maxlen: 48
2401:fb00:7c00::/40 maxlen: 48
2401:fb00:7d00::/40 maxlen: 48
2401:fb00:7e00::/40 maxlen: 48
2401:fb00:7f00::/40 maxlen: 48
2401:fb00:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 04 Mar 2024 06:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33650 (0x8372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 23 06:00:19 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d83473-45f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:da:63:63:4f:1e:99:c0:f3:d7:05:c2:e7:66:
9d:1e:f6:73:04:7b:56:14:b2:47:bc:3c:72:d2:41:
23:a4:ae:6e:82:67:31:dd:0f:99:9a:7a:b9:b0:d5:
71:72:a5:39:05:e9:59:c1:78:81:ff:83:db:55:56:
8c:96:9a:15:bf:53:0d:a6:f2:00:84:ce:a8:ab:8a:
4d:c6:23:7a:f7:11:65:c4:73:7a:23:d2:d8:36:11:
16:64:20:3c:59:6a:bc:87:9b:0d:c5:5f:71:66:eb:
c0:81:07:ff:c6:47:6c:9b:db:4f:09:b0:9b:97:69:
88:b0:e0:66:29:a7:75:64:b2:ea:61:23:90:ab:e4:
80:2e:6b:c8:b7:fa:88:e1:2b:a1:f0:26:f5:12:de:
3a:d1:db:05:d1:30:bc:46:83:3a:4e:b0:da:58:96:
3d:ca:08:62:5f:1e:d7:ee:4a:c1:e1:75:1f:4b:cd:
19:1f:f6:66:f4:af:9b:e9:8b:75:5c:ca:b0:fc:bd:
66:81:8c:f2:90:be:5d:28:22:fd:89:d0:e3:ae:e6:
fe:f9:3a:c5:5e:f9:aa:03:39:d7:21:e2:be:2a:00:
60:74:ee:ee:8b:10:9f:91:03:f6:84:c4:45:27:8a:
6e:6f:f7:62:40:cd:9d:51:e8:ff:61:58:03:f7:55:
0d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B3:64:0E:14:F5:13:19:C4:FA:F2:FF:67:6E:24:51:90:A9:9E:D5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2D793A8D21011EE8E6E3616C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.71.0/24
103.55.213.0/24
103.105.102.0/24
103.187.78.0/24
113.11.224.0/21
175.101.0.0/16
202.133.48.0/20
202.153.32.0/20
IPv6:
2401:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
17:07:6a:5a:63:67:95:c7:72:ed:c3:31:e7:25:73:e5:58:f0:
d6:53:df:16:08:b8:45:e8:d8:d0:08:b9:f8:5c:8e:57:31:8b:
b4:dc:cf:6d:b3:ea:07:55:61:98:43:4e:e5:2a:c6:4d:cf:51:
b0:29:44:28:46:35:93:90:b1:8b:dd:df:58:a4:66:4d:f1:6c:
38:20:ff:e2:4e:46:94:ad:ce:cb:b8:cc:e1:6b:93:91:84:e7:
e7:b6:8a:cc:87:7e:48:e3:b5:c1:44:47:1b:7a:6c:41:9a:0a:
a0:f1:d2:68:93:e9:d9:09:48:2c:e6:62:36:82:d0:06:b2:d3:
c0:96:49:73:5b:df:05:17:58:03:d1:6a:a6:d2:4b:7c:31:b1:
03:34:dd:23:60:89:cb:ef:02:eb:73:9f:61:bb:0a:fc:b2:46:
f9:c1:5d:df:fc:38:84:09:cd:be:41:43:49:ec:46:fa:37:8b:
fe:af:fc:e9:c1:b1:8f:ee:1a:0a:23:5c:89:61:7c:72:43:cc:
8b:9b:48:7b:f0:46:63:66:ec:19:1d:a0:ef:d6:7e:c1:10:fd:
c5:e3:ca:56:7c:ec:9e:98:20:89:d4:32:05:d2:b8:fc:07:f9:
f0:7c:37:35:ba:47:06:3f:20:b1:85:a2:8a:86:c3:2c:90:dd:
b1:bb:a8:15
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAINyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIyMzA2MDAxOVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVkODM0NzMtNDVmNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDaY2NPHpnA89cFwudmnR72cwR7VhSyR7w8ctJBI6SuboJnMd0PmZp6ubDV
cXKlOQXpWcF4gf+D21VWjJaaFb9TDabyAITOqKuKTcYjevcRZcRzeiPS2DYRFmQg
PFlqvIebDcVfcWbrwIEH/8ZHbJvbTwmwm5dpiLDgZimndWSy6mEjkKvkgC5ryLf6
iOErofAm9RLeOtHbBdEwvEaDOk6w2liWPcoIYl8e1+5KweF1H0vNGR/2ZvSvm+mL
dVzKsPy9ZoGM8pC+XSgi/YnQ467m/vk6xV75qgM51yHivioAYHTu7osQn5ED9oTE
RSeKbm/3YkDNnVHo/2FYA/dVDbkCAwEAAaOCAs0wggLJMB0GA1UdDgQWBBQ5s2QO
FPUTGcT68v9nbiRRkKme1TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0QyRDc5M0E4
RDIxMDExRUU4RTZFMzYxNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFcGCCsGAQUFBwEHAQH/
BEgwRjA1BAIAATAvAwQAZzBHAwQAZzfVAwQAZ2lmAwQAZ7tOAwQDcQvgAwMAr2UD
BATKhTADBATKmSAwDQQCAAIwBwMFACQB+wAwDQYJKoZIhvcNAQELBQADggEBABcH
alpjZ5XHcu3DMeclc+VY8NZT3xYIuEXo2NAIufhcjlcxi7Tcz22z6gdVYZhDTuUq
xk3PUbApRChGNZOQsYvd31ikZk3xbDgg/+JORpStzsu4zOFrk5GE5+e2isyHfkjj
tcFERxt6bEGaCqDx0miT6dkJSCzmYjaC0Aay08CWSXNb3wUXWAPRaqbSS3wxsQM0
3SNgicvvAutzn2G7CvyyRvnBXd/8OIQJzb5BQ0nsRvo3i/6v/OnBsY/uGgojXIlh
fHJDzIubSHvwRmNm7BkdoO/WfsEQ/cXjylZ87J6YIInUMgXSuPwH+fB8NzW6RwY/
ILGFooqGwyyQ3bG7qBU=
-----END CERTIFICATE-----
Generated at Mon Mar 4 07:09:42 2024 by rpki-client on console-fra.rpki-client.org